On May 20, 2015, at 11:46 AM, Alan Clifford <lists(_at_)clifford(_dot_)ac>
wrote:
From man procmailrc
"DROPPRIVS If set to `yes' procmail will drop all privileges it might have
had (suid or sgid). This is only useful if you want to guarantee that the
bottom half of the /etc/procmailrc file is executed on behalf of the
recipient."
My understanding is that as soon as the recipes in /etc/procmailrc have been
done and the program moves on to the the user's ~/.procmailrc, any privileges
are automatically dropped.
Exactly. This is so procmail doesn’t execute ~/.procmailrc (which, generally,
the user can edit) with root privileges. Since a user could execute arbitrary
commands, they could trigger a root exploit (`cp /bin/sh ~/bin/sh && chmod 4775
~/bin/sh` anyone?)
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)de
http://mailman.rwth-aachen.de/mailman/listinfo/procmail